I know full well what data is stored in cookies, and you're still only describing IDs. The actual tracking data would be stored remotely, with the cookie used just as a "car licence plate" of sorts. On it's only it's a harmless unique identifier but the privacy issues arise when persistent data is held against that identifier. So my point was, the actual privacy issues isn't the data stored in the cookie itself, it's the data on the remote servers - and thus that's what needs to be legislated against if the EU want to address privacy issues.

I do agree that ideally we don't want these cookies either, but those cookies would be useless without any data against anyway.